-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Apr 2025 16:29:46 +0200 Source: wpa Binary: eapoltest eapoltest-dbgsym hostapd hostapd-dbgsym libwpa-client-dev wpagui wpagui-dbgsym wpasupplicant wpasupplicant-dbgsym wpasupplicant-udeb Architecture: mips64el Version: 2:2.10-12+deb12u3 Distribution: bookworm Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-05) Changed-By: Bastien Roucariès Description: eapoltest - EAPoL testing utility hostapd - access point and authentication server for Wi-Fi and Ethernet libwpa-client-dev - development files for WPA/WPA2 client support (IEEE 802.11i) wpagui - graphical user interface for wpa_supplicant wpasupplicant - client support for WPA and WPA2 (IEEE 802.11i) wpasupplicant-udeb - client support for WPA and WPA2 (IEEE 802.11i) (udeb) Changes: wpa (2:2.10-12+deb12u3) bookworm; urgency=medium . * Non-maintainer upload by the LTS Security Team. * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c * Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys, re-using the encrypting element Qi and subtracting it from the captured message M (X = M - Qi). This will result in the public ephemeral key X; the only element required to subvert the PKEX association Checksums-Sha1: a8bf9fe51fec1165e3abf15c2b2a031f459d4b37 4210804 eapoltest-dbgsym_2.10-12+deb12u3_mips64el.deb 69f9e88cf1c8a6ac972c715e2863e7b7d0c80e85 1031540 eapoltest_2.10-12+deb12u3_mips64el.deb 78bcc2dee81cd4f989c30f2bb4ffaa7d2d1b3c2c 2889728 hostapd-dbgsym_2.10-12+deb12u3_mips64el.deb 3942de32592011f3ae5daf77fe69e06830a7d2e0 792720 hostapd_2.10-12+deb12u3_mips64el.deb b304b8db52c4d02bd7abb8fff474eb4e71ea383e 35456 libwpa-client-dev_2.10-12+deb12u3_mips64el.deb cccb2936c93be9fc6c47f907856da270c11246db 15048 wpa_2.10-12+deb12u3_mips64el-buildd.buildinfo a46dffdc6f2a57c0159592f6fb43e4498277c81a 2280736 wpagui-dbgsym_2.10-12+deb12u3_mips64el.deb ac4e0a75c6e59c0786a32c3470f7369fa5e1c49c 303592 wpagui_2.10-12+deb12u3_mips64el.deb ce2b802d1a70c53743062323495c8a77d6cef699 4744672 wpasupplicant-dbgsym_2.10-12+deb12u3_mips64el.deb 3ad1949d91dd6ce1afbedbd9ad2b422d7d366664 340664 wpasupplicant-udeb_2.10-12+deb12u3_mips64el.udeb edb32b240d3dead169da93be5b555b5a35e53362 1283884 wpasupplicant_2.10-12+deb12u3_mips64el.deb Checksums-Sha256: 2461f0de0e32811ed87b05e03dcb1af9c55d30ff64403817189708e3bca577f9 4210804 eapoltest-dbgsym_2.10-12+deb12u3_mips64el.deb fdb2342350e639f0186da2a3c0f3a991a219e46f59ba8b2a678750fe4d0448b2 1031540 eapoltest_2.10-12+deb12u3_mips64el.deb a7c2f06fd85477c75278621ed78ed48b542bd8342d6cb6805387a5fc24fe7ec3 2889728 hostapd-dbgsym_2.10-12+deb12u3_mips64el.deb 7dc071cce6254007a5ccdf55837a746778aeaddecce0512e41e30365127a5221 792720 hostapd_2.10-12+deb12u3_mips64el.deb 9b3af32b3c3fc9eaff24d34e95520ba406405a0f63db7f394d63b725bd8deb36 35456 libwpa-client-dev_2.10-12+deb12u3_mips64el.deb 20957b8400abdc0ec169f4c808b166eb8a96e788fb90ed9ed83afa9658f7214b 15048 wpa_2.10-12+deb12u3_mips64el-buildd.buildinfo b6bfd424edcd11eb72748fcad760fe1d884d4f4f31fc13680ee353670a8e4d62 2280736 wpagui-dbgsym_2.10-12+deb12u3_mips64el.deb 6e3a720191a2811d1031c44ec2659fe7f3742b77b6e6488432582da95660a6d7 303592 wpagui_2.10-12+deb12u3_mips64el.deb d743e087962ebe74aa49e845adbc52059fa459261aa6133b5f4f49d12c30f22e 4744672 wpasupplicant-dbgsym_2.10-12+deb12u3_mips64el.deb a66d47e0fb332f5b0a2258b74ae00c96871b56e4d9f6a7ae19290d19656af88d 340664 wpasupplicant-udeb_2.10-12+deb12u3_mips64el.udeb aa23940be7d9d92fd2b9306745b85d95285b203a7c0f6dca25befd178862679b 1283884 wpasupplicant_2.10-12+deb12u3_mips64el.deb Files: 12f66fe3538bcb3828395d6ed4566f38 4210804 debug optional eapoltest-dbgsym_2.10-12+deb12u3_mips64el.deb 35a3dd7a934ca7918c239a21e46bd3e9 1031540 net optional eapoltest_2.10-12+deb12u3_mips64el.deb f30e4b562a4104ce0aa42da1450d81d1 2889728 debug optional hostapd-dbgsym_2.10-12+deb12u3_mips64el.deb 1e8be4c10a1585631b76fcf148ee738a 792720 net optional hostapd_2.10-12+deb12u3_mips64el.deb c84e7b5be0530a526168cbdb5a3b5bb7 35456 libdevel optional libwpa-client-dev_2.10-12+deb12u3_mips64el.deb c18a66d8013bf628c245493c5d74cbee 15048 net optional wpa_2.10-12+deb12u3_mips64el-buildd.buildinfo 1cc9a3eedf9aec6611587cbfb0f0be2b 2280736 debug optional wpagui-dbgsym_2.10-12+deb12u3_mips64el.deb 922ae6d3375e4a852ec5e1d188371c8a 303592 net optional wpagui_2.10-12+deb12u3_mips64el.deb ede73920310befe72ab7f4b894a801f2 4744672 debug optional wpasupplicant-dbgsym_2.10-12+deb12u3_mips64el.deb 79466656fde89dbeccc2750384508ff0 340664 debian-installer standard wpasupplicant-udeb_2.10-12+deb12u3_mips64el.udeb e7c15eb7cc44393a9c19a83f2734d777 1283884 net optional wpasupplicant_2.10-12+deb12u3_mips64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYLhEzFkGpb3yYRVHmlVdU6AM9BUFAmhWfXYACgkQmlVdU6AM 9BWM5A//Yv53VStPCglDmp36wznkdlyX13ymNj5ksajTPolhNoUQK/AyoTS43AkJ XdWVSEwRLF4SjMuXbYAMN0LmiTBNtewQWeFVNmJ555BnHQsJt40fucE/8mhgnT70 ZDWrsS+mL8ycW9KuTY8Y1BX09ck6kDnlBYT6aXEEB7Wqwf9ifOFBQIPs2FYQ0O8v NxiDa0nymuizXFcuxqptGd+e5i5DUKVNTGnC3II7jiVfmzzKv2Lh6B3CbTzbKod7 8NWNNq1CsgjAB2F7mb62hPlpoAcRBcofM0+ISARkKgnWRuU0ae0lKJ6Me2GPHAvh x/tX+OQBMjsRSTBsZZCp9h8/cdOGGx6vT2HG8gW+DrEVHWTWHBq3M3RaCC25ixfI Is2T8WYI7MKPlWPX0dkxkH6DwXHKY30sPbaYfX8REREjFFAR88W+7UbHK/t/70S/ IEdxN6XW1vw4uC/S1fuDcU4gtthr9pgb0g9SYzohibIXqhHR8yqjiPCiEBAaJvw2 E0AyayVMk8cWvjHXqu7ZvAZt6iCpfO6EWR0+BWDBaMxUSfQ3A9PiK22peABBMfP4 W6kZNDb/m03jzgvwjDxzlIGnIdqft3eJAPYycV4jPzds0vMsXssoyrLgd1fBWJjh H9DCkVMrHON/IPecHI2WHPZLe9HrHkae2p7rEaKIkapFwcmNd3s= =Vr32 -----END PGP SIGNATURE-----